2

I want to block a file config.json from access, so I put .htaccess file like this:

RewriteEngine on

RewriteRule config.json - [F]

In directory ~/projects/bush but when I access localhost/projects/bush/config.json I still see the content of the file, what wrongs here?

Improve this question
2
  • 2
    Do .htaccess files work otherwise in other contexts? At the server level, AllowOverride must be set to enable them at the directory level... Commented Dec 21, 2013 at 14:54
  • It doesn't actually affect your use case, but the . should be escaped as config\.json - otherwise it matches any character so if you had a valid file configxjson that would also be blocked by your rule. Just good practice. Commented Dec 21, 2013 at 14:55

2 Answers 2

Reset to default
1

Check the web server's configuration (httpd.conf) for AllowOverride None as it disables reading of .htaccess for the directories it applies to. It is often done to increase performance.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Yes, that was it, found it before I see the answer, I've None in /etc/apache2/sites-available/default and change it to AllowOverride All
0

try:

RewriteRule ^/?config\.json$ - [F,L]

This probably will work.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.